<?php
/******************************
 * EQdkp
 * Copyright 2002-2003
 * Licensed under the GNU GPL.  See COPYING for full terms.
 * ------------------
 * mm_addmember.php
 * Began: Thu January 30 2003
 * 
 * $Id: mm_addmember.php 541 2008-05-20 06:56:16Z rspeicher $
 * 
 ******************************/
 
// This script handles adding, updating or deleting a member.
// NOTE: This script will also process deleting multiple members through the
// mm_listmembers interface

if ( !defined('EQDKP_INC') )
{
    die('Hacking attempt');
}

// Obtain var settings
$names = ( !empty($_REQUEST[URI_NAME]) ) ? strval($_REQUEST[URI_NAME]) : '';
$confirm = ( !empty($_POST['confirm']) ) ? true : false;

if ( isset($_POST['cancel']) )
{
    redirect('manage_members.php');
}

// Figure out what submit button was pressed
$add    = ( isset($_POST['add']) ) ? true : false;
$update = ( isset($_POST['update']) ) ? true : false;
$delete = ( isset($_POST['delete']) ) ? true : false;

// Figure out action based on submit
if ( $add )
{
    $subaction = 'add';
}
elseif ( $update )
{
    $subaction = 'update';
}
elseif ( ($delete) || ($confirm) )
{
    $subaction = 'delete';
}
else
{
    $subaction = 'display';
}

//
// Error Checking and variable initialization
//
if ( ($add) || ($update) )
{
    $_POST = htmlspecialchars_array($_POST);
    
    $fv->is_filled('member_name', $user->lang['fv_required_name']);
    $fv->is_number(array(
        'member_earned' => $user->lang['fv_number'],
        'member_spent' => $user->lang['fv_number'],
        'member_adjustment' => $user->lang['fv_number'])
    );
    
    if ( $fv->is_error() )
    {
        $subaction = 'display';
    }
}

//
// Get relevant data
//
if ( !empty($names) )
{
    if ( $subaction != 'delete' )
    {
        $sql = 'SELECT *, (member_earned-member_spent+member_adjustment) AS member_current
                FROM ' . MEMBERS_TABLE . "
                WHERE member_name='".$names."'";
        $result = $db->query($sql);
        if ( !$row = $db->fetch_record($result) )
        {
            message_die($user->lang['error_invalid_name_provided']);
        }
        $db->free_result($result);
        
        $member = array(
            'member_id' => $row['member_id'],
            'member_name' => post_or_db('member_name', true, $row),
            'member_earned' => post_or_db('member_earned', true, $row),
            'member_spent' => post_or_db('member_spent', true, $row),
            'member_adjustment' => post_or_db('member_adjustment', true, $row),
            'member_current' => $row['member_current'],
            'member_race' => post_or_db('member_race', true, $row),
            'member_class' => post_or_db('member_class', true, $row),
            'member_level' => post_or_db('member_level', true, $row)
        );
    }
}
else
{
    if ( $subaction != 'delete' )
    {
        $member = array(
            'member_id' => 0,
            'member_name' => post_or_db('member_name', false),
            'member_earned' => post_or_db('member_earned', false),
            'member_spent' => post_or_db('member_spent', false),
            'member_adjustment' => post_or_db('member_adjustment', false),
            'member_current' => '0.00',
            'member_race' => post_or_db('member_race', false),
            'member_class' => post_or_db('member_class', false),
            'member_level' => post_or_db('member_level', false)
        );
    }
}

switch ( $subaction )
{
    //
    // Add member
    //
    case 'add':
        $sql = 'INSERT INTO ' . MEMBERS_TABLE . "
                (member_id, member_name, member_earned, member_spent, member_adjustment, member_firstraid, member_lastraid, member_level, member_race, 
                 member_class)
                VALUES ('NULL','".$_POST['member_name']."','".$_POST['member_earned']."','".$_POST['member_spent']."','".$_POST['member_adjustment']."',
                        '".time()."','".time()."','".$_POST['member_level']."','".$_POST['member_race']."','".$_POST['member_class']."')";
        $db->query($sql);
        
        // Logging
        $log_action = array(
            'header' => '{L_ACTION_MEMBER_ADDED}',
            '{L_NAME}' => $_POST['member_name'],
            '{L_ADDED_BY}' => $user->data['username']);
        $eqdkp->log_insert(array(
            'log_type' => $log_action['header'],
            'log_action' => $eqdkp->make_log_action($log_action),
            'log_ipaddress' => $user->ip,
            'log_sid' => $user->session_id,
            'log_result' => '{L_SUCCESS}',
            'admin_id' => $user->data['user_id'])
        );
        
        message_die(stripslashes(sprintf($user->lang['admin_add_member_success'], $_POST['member_name'])));
        
        break;
    //
    // Edit member
    //
    case 'update':
        $sql = 'SELECT *
                FROM ' . MEMBERS_TABLE . "
                WHERE member_name='".$_POST[URI_NAME]."'";
        $result = $db->query($sql);
        while ( $row = $db->fetch_record($result) )
        {
            $old_member = array(
                'member_name' => addslashes($row['member_name']),
                'member_earned' => $row['member_earned'],
                'member_spent' => $row['member_spent'],
                'member_adjustment' => $row['member_adjustment']);
        }
        $db->free_result($result);
        
        $sql = 'UPDATE ' . MEMBERS_TABLE . "
                SET member_name='".$_POST['member_name']."', member_earned='".$_POST['member_earned']."', member_spent='".$_POST['member_spent']."',
                member_adjustment='".$_POST['member_adjustment']."', member_race='".$_POST['member_race']."', member_class='".$_POST['member_class']."',
                member_level='".$_POST['member_level']."' WHERE member_name='".$_POST[URI_NAME]."'";
        $db->query($sql);
        
        // Logging
        $log_action = array(
            'header' => '{L_ACTION_MEMBER_UPDATED}',
            '{L_NAME_BEFORE}' => $old_member['member_name'],
            '{L_EARNED_BEFORE}' => $old_member['member_earned'],
            '{L_SPENT_BEFORE}' => $old_member['member_spent'],
            '{L_ADJUSTMENT_BEFORE}' => $old_member['member_adjustment'],
            '{L_NAME_AFTER}' => find_difference($old_member['member_name'], $_POST['member_name']),
            '{L_EARNED_AFTER}' => find_difference($old_member['member_earned'], $_POST['member_earned']),
            '{L_SPENT_AFTER}' => find_difference($old_member['member_spent'], $_POST['member_spent']),
            '{L_ADJUSTMENT_AFTER}' => find_difference($old_member['member_adjustment'], $_POST['member_adjustment']),
            '{L_UPDATED_BY}' => $user->data['username']);
        $eqdkp->log_insert(array(
            'log_type' => $log_action['header'],
            'log_action' => $eqdkp->make_log_action($log_action),
            'log_ipaddress' => $user->ip,
            'log_sid' => $user->session_id,
            'log_result' => '{L_SUCCESS}',
            'admin_id' => $user->data['user_id'])
        );
        
        message_die(stripslashes(sprintf($user->lang['admin_update_member_success'], $old_member['member_name'])));
        
        break;
    //
    // Delete member(s)
    //
    case 'delete':
        if ( !$confirm )
        {
            foreach ( $_POST['compare_ids'] as $k => $v )
            {
                $member_name = $db->query_first('SELECT member_name FROM ' . MEMBERS_TABLE . " WHERE member_id='".$v."'");
                $member_names[] = $member_name;
            }
            
            $names = implode(', ', $member_names);
            
            confirm_delete($user->lang['confirm_delete_members'] . '<br /><br />' . $names, URI_NAME, $names, 'manage_members.php' . $SID . '&amp;mode=addmember');
        }
        else
        {
            $success_message = '';
            $members = explode(', ', $_POST[URI_NAME]);
            foreach ( $members as $k => $v )
            {
                $sql = 'SELECT *
                        FROM ' . MEMBERS_TABLE . "
                        WHERE member_name='".$v."'";
                $result = $db->query($sql);
                while ( $row = $db->fetch_record($result) )
                {
                    $old_member = array(
                        'member_name' => addslashes($row['member_name']),
                        'member_earned' => $row['member_earned'],
                        'member_spent' => $row['member_spent'],
                        'member_adjustment' => $row['member_adjustment']);
                }
                $db->free_result($result);
                
                // Delete attendance
                $sql = 'DELETE FROM ' . RAID_ATTENDEES_TABLE . "
                        WHERE member_name='".$v."'";
                $db->query($sql);
                
                // Delete items
                $sql = 'DELETE FROM ' . ITEMS_TABLE . "
                        WHERE item_buyer='".$v."'";
                $db->query($sql);
                
                // Delete adjustments
                $sql = 'DELETE FROM ' . ADJUSTMENTS_TABLE . "
                        WHERE member_name='".$v."'";
                $db->query($sql);
                
                // Delete member
                $sql = 'DELETE FROM ' . MEMBERS_TABLE . "
                        WHERE member_name='".$v."'";
                $db->query($sql);
                
                // Logging
                $log_action = array(
                    'header' => '{L_ACTION_MEMBER_DELETED}',
                    '{L_NAME}' => $old_member['member_name']);
                $eqdkp->log_insert(array(
                    'log_type' => $log_action['header'],
                    'log_action' => $eqdkp->make_log_action($log_action),
                    'log_ipaddress' => $user->ip,
                    'log_sid' => $user->session_id,
                    'log_result' => '{L_SUCCESS}',
                    'admin_id' => $user->data['user_id'])
                );
                
                $success_message .= sprintf($user->lang['admin_delete_members_success'], $v) . '<br />';
            }
            
            message_die(stripslashes($success_message));
            
        } // confirmed
        
        break;
    case 'display':
        $eq_data = array(
            'classes' => array('Bard','Beastlord','Cleric','Druid','Enchanter','Magician','Monk','Necromancer','Paladin','Ranger',
                               'Rogue','Shadow Knight','Shaman','Warrior','Wizard'),
            'races' => array('Barbarian','Dark Elf','Dwarf','Erudite','Gnome','Half Elf','Halfling','High Elf','Human','Iksar',
                             'Ogre','Troll','Vah`Shir','Wood Elf')
            );
                
        foreach ( $eq_data['races'] as $k => $v )
        {
            $tpl->assign_block_vars('race_row', array(
                'VALUE' => $v,
                'SELECTED' => ( $member['member_race'] == $v ) ? ' selected="selected"' : '',
                'OPTION' => $v)
            );
        }
        foreach ( $eq_data['classes'] as $k => $v )
        {
            $tpl->assign_block_vars('class_row', array(
                'VALUE' => $v,
                'SELECTED' => ( $member['member_class'] == $v ) ? ' selected="selected"' : '',
                'OPTION' => $v)
            );
        }
        
        if ( !empty($member['member_name']) )
        {
            // Get their correct earned/spent
            $correct_earned = $db->query_first('SELECT sum(r.raid_value) FROM ' . RAIDS_TABLE . ' r, ' . RAID_ATTENDEES_TABLE . " ra WHERE ra.raid_id = r.raid_id AND ra.member_name='".$member['member_name']."'");
            $correct_spent = $db->query_first('SELECT sum(item_value) FROM ' . ITEMS_TABLE . " WHERE item_buyer='".$member['member_name']."'");
        }
        
        $tpl->assign_vars(array(
            'F_ADD_MEMBER' => 'manage_members.php' . $SID . '&amp;mode=addmember',
            
            'L_ADD_MEMBER_TITLE' => $user->lang['addmember_title'],
            'L_NAME' => $user->lang['name'],
            'L_RACE' => $user->lang['race'],
            'L_CLASS' => $user->lang['class'],
            'L_LEVEL' => $user->lang['level'],
            'L_EARNED' => $user->lang['earned'],
            'L_SPENT' => $user->lang['spent'],
            'L_ADJUSTMENT' => $user->lang['adjustment'],
            'L_CURRENT' => $user->lang['current'],
            'L_SHOULD_BE' => $user->lang['should_be'],
            'L_ADD_MEMBER' => $user->lang['add_member'],
            'L_RESET' => $user->lang['reset'],
            'L_UPDATE_MEMBER' => $user->lang['update_member'],
            'L_DELETE_MEMBER' => $user->lang['delete_member'],
            
            'MEMBER_NAME' => $member['member_name'],
            'MEMBER_ID' => $member['member_id'],
            'MEMBER_EARNED' => $member['member_earned'],
            'MEMBER_SPENT' => $member['member_spent'],
            'MEMBER_ADJUSTMENT' => $member['member_adjustment'],
            'MEMBER_CURRENT' => ( !empty($member['member_current']) ) ? $member['member_current'] : '0.00',
            'MEMBER_LEVEL' => $member['member_level'],
            'CORRECT_MEMBER_EARNED' => ( !empty($correct_earned) ) ? $correct_earned : '0.00',
            'CORRECT_MEMBER_SPENT' => ( !empty($correct_spent) ) ? $correct_spent : '0.00',
            'C_MEMBER_CURRENT' => color_item($member['member_current']),
            
            'FV_MEMBER_NAME' => $fv->generate_error('member_name'),
            'FV_MEMBER_LEVEL' => $fv->generate_error('member_level'),
            'FV_MEMBER_EARNED' => $fv->generate_error('member_earned'),
            'FV_MEMBER_SPENT' => $fv->generate_error('member_spent'),
            'FV_MEMBER_ADJUSTMENT' => $fv->generate_error('member_adjustment'),
            'FV_MEMBER_CURRENT' => $fv->generate_error('member_current'),
            
            'MSG_NAME_EMPTY' => $user->lang['fv_required_name'],
            
            'S_ADD' => ( !empty($names) ) ? false : true)
        );
        
        $page_title = sprintf($user->lang['admin_title_prefix'], $eqdkp->config['guildtag'], $eqdkp->config['dkp_name']).': '.$user->lang['manage_members_title'];
        include_once($eqdkp_root_path . 'includes/page_header.php');
        
        $tpl->set_filenames(array(
            'body' => 'admin/mm_addmember.html')
        );
        
        include_once($eqdkp_root_path . 'includes/page_tail.php');
        break;
}
?>